the grugq's newsletter

October 4, 2025

October 3-4, 2025

There is someone exposing IRGC (Islamic Revolutionary Guard Corps) stuff on GitHub.

I'm not an IRGC geopolitical nerd, so I can't assess the value of the content. However, if you know what the fuck is going on, maybe you'll find it interesting: https://t.co/pGJjysrLXY

— vx-underground (@vxunderground) October 1, 2025


so awesome to see such talented researchers join the Linux kernel space. talk about a quick study. no Linux kernel research background and reproduces a complex state machine bug from just the patch commit in a few days 😅. pretty insane https://t.co/mO7qf0impF

— h0mbre (@h0mbre_) October 1, 2025


If you look at the big picture, Russian subversion v Europe since 2022 has been aimed at coercing Europe to abandon Ukraine & deterring provision of new & better aid. In that sense it has completely failed & is still failing. But this new wave of subversion may also be aimed at… https://t.co/GQcvVLslg4

— Shashank Joshi (@shashj) October 1, 2025


https://t.co/xUXkITOyd1

It's interesting but still a v. small subset of TEE implementers would be impacted

— AndrewMohawk⁽ⁿᵘˡˡ⁾ (@AndrewMohawk) October 1, 2025


Eternal-Tux: Crafting a Linux Kernel KSMBD 0-Click RCE Exploit from N-Days

William Liu @cor_ctf posted an article about exploiting a slab object overflow (CVE-2023-52440) and remote infoleak (CVE-2023-4130) in the kernel SMB3 daemon to gain RCE https://t.co/kqvwX9NbSK pic.twitter.com/EKrpCIETcb

— Linux Kernel Security (@linkersec) October 1, 2025


babe are you ok? it’s already q4 and you’ve barely touched your “2025 roadmap”

— alli (@sonofalli) October 1, 2025


Blog post is out! Come learn about how I analyzed the latest kernelCTF 1-day submission.

This was a vulnerability in the Kernel TLS subsystem. I didn't write a full exploit yet, but @u1f383 already gave me some ideas that I will try to implement soon 😅 https://t.co/jFcVrwm9NF

— Faith 🇧🇩🇦🇺 (@farazsth98) October 1, 2025


Want to know what happens when commercial TEEs meet improvised DRAM memory interposers? SGX mayhem including attestation key extraction. Please DO try that at home 😉. Check out our work at https://t.co/JyvHP48nez pic.twitter.com/6sB93LGeDt

— Daniel Genkin (@DanielGenkin) September 30, 2025


🔥 The next episode of Behind the Binary is here! We're joined by renowned security researcher Hahna Kane Latonick (@hahnakane) for a deep dive into the powerful world where reverse engineering meets data science.

🎧 https://t.co/AkJk1OiVSJ

— Josh Stroschein | The Cyber Yeti (@jstrosch) October 2, 2025


Maybe I’m just dumb, but it feels like half the RCE write-ups I read basically say “if an attacker has root” and then describe the most boring thing you can do from there.

— Zack Korman (@ZackKorman) October 2, 2025


I reported an arbitrary code execution in Unity Runtime, which affects all versions starting from Unity 2017.1.

As the vulnerability can be exploited without specific usage, I strongly encourage developers to patch.

Technical details below: https://t.co/af3d28rXw3

— RyotaK (@ryotkak) October 3, 2025


Debugging the kernel on a Pixel 8 with GDB over serial connection https://t.co/xcqguFkgat

Credits @andreyknvl #cybersecurity pic.twitter.com/Do98LXj65Q

— 0xor0ne (@0xor0ne) October 2, 2025


Golang reverse engineering walkthrough! A challenge we solve with three different approaches: (1) static analysis with IDA, (2) dynamic analysis in a debugger and (3) patching the binary and switching to a desired code path 😎 https://t.co/7PfQNAHiMz pic.twitter.com/Sl9wTnP6bQ

— John Hammond (@_JohnHammond) October 2, 2025


My intern was born in 2007

I have unread emails older than that

— Ash Arora (@asharoraa) October 2, 2025


The Chinese launch thousands of drones from special containers carried by a “transformer” truck.
Currently used by a civilian drone light show company, the concept extrapolates to rapid launches of massive military drone swarms. https://t.co/hwj7iNuxKd pic.twitter.com/W7yFok1DKQ

— Roy🇨🇦 (@GrandpaRoy2) October 2, 2025


PRO TIP: REST is overengineering. Just expose one endpoint called /api that accepts SQL queries directly. pic.twitter.com/7uHSmak7y3

— Shayan (@ImSh4yy) October 2, 2025


You know it’s officially spooky season when the cauldron light comes on pic.twitter.com/HQa0x0PL7U

— Will Rose (@Vermintyfresh) October 2, 2025


Pumpkin (@u1f383) wrote an exploit for this issue! Go check out their blog post 👀

https://t.co/AkoQFtkU4a https://t.co/MpzgYlGrPp

— Faith 🇧🇩🇦🇺 (@farazsth98) October 3, 2025


Anotha week, another VR newsletter 🏴‍☠️📰 @NCCGroupInfosec (@_mccaulay, @alexjplaskett) pop a Tesla TCU unit

kCTF 1-day breakdowns from @farazsth98 & @u1f383 @tehjh talks potential remote ASLR leaks

+ Jobs and MORE 👇 https://t.co/vaAmZCzGnH

— exploits.club (@exploitsclub) October 3, 2025


we are auditing this clearly vibe-coded app ([AGENT].md files all over) and oh boy the amount of vulnerabilities found are insane.

it's awful that every critical vulnerability like SQLi, SSRF, and command injection shows up in the application.

there are few reasons that model…

— s1r1us (@S1r1u5_) October 3, 2025


โŒ Wrong: โ€œVictim must install a malicious appโ€
โœ… Right: โ€œAny 3rd-party app can exploit itโ€

Legit apps (e.g. Chrome) can be abused as gadgets, turning complex bugs into 1-click exploits. No excuse to leave it unfixed.https://t.co/XXU161QEFY

โ€” Dimitri 0s (@Ch0pin) October 3, 2025


has security gone too far? pic.twitter.com/AgnfSa2U8a

— Matti Palli 🧙‍♂️ (@tritlo) October 3, 2025


Dropped all the username - password combinations recorded in the past 24hrs in a Gist: https://t.co/OMQ34dp9v9

Credentials are Cisco and AnyConnect-themed https://t.co/opjd4g1QuV

— Simo (@SimoKohonen) October 3, 2025


Red teams slip past detection. Defenders adapt. The cycle continues. 🔄

John Wotton's latest on AI gated loaders shows how offensive operators are using LLMs to make shellcode execution context-aware, executing only when OPSEC policies are met. https://t.co/clH1zOhuPb

— SpecterOps (@SpecterOps) October 3, 2025


> be uk government
> uk government says "need to protecc da kidz"
> says discord dangerous
> makes ppl send ids to discord
> discord age verification compromised

lmfao rip united kingdom nerds. its all over

— vx-underground (@vxunderground) October 3, 2025


''GitHub - 0xMarcio/cve: Latest CVEs with their Proof of Concept exploits.'' #infosec #pentest #redteam #blueteam https://t.co/pWdLoQRWoH

— Florian Hansemann (@CyberWarship) October 3, 2025


There be a bunch to choose from from the list of naughty strings; https://t.co/Zb2VBGsvni

"If you're reading this, you've been in a coma for almost 20 years....Please wake up, we miss you."

— S0AndS0.eth (@S0_And_S0) October 3, 2025


US Researcher shows attackers can eavesdrop with high performance gaming mouse
- Using high perf sensor like PAW3395, 3399 (20+K DPI, 4+KHz polling) can detect
- AI can detect and reconstruct the vibrations in voice that occur during conversation pic.twitter.com/iWISWzmTVX

— 포시포시 (@harukaze5719) October 3, 2025

The downside of being heavily dependent on the environment - can be mitigated by using thick desks, mouse pads, etc.

paper: https://t.co/QB61zz1IuZ
[Invisible Ears at Your Fingertips: Acoustic Eavesdropping via Mouse Sensors]

โ€” ํฌ์‹œํฌ์‹œ (@harukaze5719) October 3, 2025


https://t.co/o4CGqi5qR0 ← we've just released Paged Out! zine Issue #7
https://t.co/ZEuR7WtUAL ← direct link
https://t.co/DFuGBWFb4D ← prints for zine collectors
https://t.co/8VN5hGyEux ← issue wallpaper
Enjoy!

Please please please RT to spread the news - thank you!

— PagedOut (@pagedout_zine) October 4, 2025

